Hardcoded Encryption Key Vulnerability in Device Manager by Nozomi Networks
CVE-2025-52601

6.3MEDIUM

Key Information:

Vendor: Hanwha Vision Co., Ltd.
Status: Device Manager
Vendor: CVE Published:; 26 December 2025

🔔 Create Hanwha Vision Co., Ltd. Vulnerability Alert

What is CVE-2025-52601?

A vulnerability has been identified in Nozomi Networks' Device Manager, where a hardcoded encryption key exposes sensitive information. An attacker can exploit this flaw to decrypt confidential data, posing significant risks to security and privacy. Affected users are advised to update to the latest firmware patch released by Nozomi Networks and consult their official documentation for guidance on mitigating the impact of this vulnerability.

Affected Version(s)

Device Manager prior to version 2.9.3.1

References

https://www.hanwhavision.com/wp-content/uploads/2025/12/C...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2025
Vulnerability Reserved
Jun 18, 2025

JSON